Forum Discussion
Michael_Koyfma1
Jan 25, 2016Cirrus
I think there is some confusion there. Have you seen this part of the documentation?
If you want to support SP and IDP-initiated connections, then you need to create SAML Resource objects and assign them to the webtop. So, the best practice setup for you would be to create unique IDP object per each SP you have(the entity ID can be the same/redundant across all IDP configs), then bind each IDP and SP connector together, create SAML Resource object, and assign all SAML resource objects to the webtop.
After that, you should have both SP and IDP-initiated logins work without issues - do not assign anything to the SSO at the Access Profile level in order for this work.